Campaigners urge UK PM Starmer to dump digital ID wheeze before it’s announced. While Starmer confidently pledged to smash gangs and secure borders, his digital ID plans remain a ghost at his conference speech. With 2.6 million signatures against it, will the digital ID be dead in the water before it even sets sail?

Even if a company hits the eject button on the UK, the data protection watchdog ICO can still keep them in the spotlight for past slip-ups. Imgur’s UK exit isn’t a free pass from scrutiny, as the ICO continues its investigation into data practices concerning children’s personal information.

CERT-UA warns of cyber attacks in Ukraine using CABINETRAT, a sneaky backdoor that hides in Excel add-ins. Disguised as border documents, these attacks are like the Trojan horse of spreadsheets, delivering malware with Excel’s blessing. It’s a spreadsheet sabotage saga, a digital drama worthy of a cybersecurity soap opera.

WestJet confirms a June cyberattack exposed customer passports and IDs, leaving travelers wondering if their vacation selfies are now part of a hacker’s travel scrapbook. The airline assures that no credit card info was compromised, and offers 24-month identity theft protection—as if getting away from it all wasn’t already complicated enough!

The internet is buzzing with bogus news content, with AI slop and human error sharing the blame. Even EFF wasn’t immune, featuring in fake quotes. As AI tools infiltrate journalism, discerning real from fake news is a must. Remember, folks, trust but verify before you share that juicy tidbit!

North Korean IT workers are infiltrating far beyond tech companies, now targeting healthcare, finance, and public administration sectors. Okta Threat Intelligence reports nearly half of scam targets fall outside IT. These fraudsters funnel money back to Pyongyang, with schemes potentially leading to data theft and extortion. It’s a global con job with local consequences.

Imgur’s UK geoblock is like finding out your favorite pub ran out of chips—unexpected and disappointing. Due to a looming penalty from the UK’s data watchdog, MediaLab has slapped a not-so-jolly “Content not available in your region” sign on the site, leaving UK users as purple-square spectators.

Tile Bluetooth trackers leak identifying data in plain text, making it easy for stalkers to track victims, despite Life360’s security promises, Georgia Tech researchers warn. They found unencrypted signals and static MAC addresses, raising concerns about Bluetooth tag stalking. Life360’s communication on these vulnerabilities has apparently fizzled out.

Meta’s ad policies are as clear as mud! The Stop Censoring Abortion campaign reveals that Meta’s vague rules for abortion-related content are causing chaos. Even educational posts can get flagged, leaving advocates scratching their heads. Meta, it’s time to untangle this digital spaghetti and let people boost crucial conversations without jumping through flaming hoops.

The FTC is taking legal action against Sendit’s operator, accusing it of illegally collecting data from kids and duping users with shady subscription tactics. Allegations include sharing fake messages and surprise charges for a so-called “Diamond Membership.” It’s a digital drama worthy of its own reality show, but now it’s in the courtroom!

Google’s new AI tool in Drive for desktop is like a bouncer at a ransomware party—it’ll pause syncing to limit damage but won’t stop the gate-crashers entirely. Trained on “millions of real-world ransomware samples,” this AI detection helps stop ransomware from corrupting files, giving users time to restore them with a few clicks.

MatrixPDF is the hacker’s new best friend, transforming innocent PDFs into phishing lures with finesse. This toolkit glides past email security, offering a buffet of credential theft and malware downloads. By embedding sneaky JavaScript and malicious links, MatrixPDF ensures your inbox is both a mystery and a menace. Proceed with caution—or a really good antivirus!

Battering RAM, a new $50 hardware vulnerability, bypasses Intel and AMD security by redirecting protected memory addresses. Academics demonstrate how Intel’s SGX and AMD’s SEV-SNP features can be compromised, highlighting the limits of current memory encryption. The attack exploits DDR4 interposer hardware, rendering cloud environments vulnerable to unauthorized access.

Phantom Taurus, a Chinese-linked cyberespionage group, is on a mission impossible: breaching Microsoft Exchange email servers at embassies and foreign ministries. Their espionage strategy involves stealth and custom tools, making them the James Bond of hackers. But instead of martinis, they prefer sensitive data.

WestJet’s cyber turbulence exposed sensitive data, including passports and IDs, to attackers. While the skies may be friendly, it seems the cloud isn’t always so secure. No credit card info was taken, but if you’ve flown with WestJet, keep an eye on your points and those travel complaints!

Windows 11 25H2, the latest update from Microsoft, is rolling out gradually. It doesn’t bring exciting consumer features but does come with better vulnerability detection and AI-assisted secure coding. If you’re still on Windows 11 23H2, prepare for a full OS swap rather than the quick enablement package.

The Shadowserver Foundation has found nearly 50,000 Cisco ASA and FTD appliances still exposed online, vulnerable to CVE-2025-20333 and CVE-2025-20362. These flaws are being actively exploited—like an open buffet for hackers—and there’s no effective workaround, so patch those systems faster than you can say “cybersecurity breach.”

Western Digital’s latest firmware update for My Cloud NAS models addresses a critical vulnerability, CVE-2025-30247, which could allow remote execution of system commands. My Cloud users should prioritize updating to firmware version 5.31.108 to avoid unauthorized file access or worse—your data being hijacked faster than a hot donut on a Monday morning.

Phantom Taurus is giving governments across Africa, the Middle East, and Asia a headache with its stealthy espionage antics. This China-aligned hacker group isn’t just reading emails; they’re diving into databases and using custom malware like NET-STAR to keep everyone on their toes. It’s a spy game, and Phantom Taurus is playing to win.

A recently patched security flaw in Broadcom VMware Tools and VMware Aria Operations has been exploited in the wild as a zero-day by the crafty, China-linked threat actor UNC5174. So, while you were updating your playlists, someone was exploiting CVE-2025-41244 to escalate privileges. Talk about getting to the top the hard way!